﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Principal;
using System.Web;
using System.Web.Mvc;
using SinsenWeb.Models;

namespace SinsenWeb.Helpers.Filters.ControllerFilters
{
    /// <summary>
    /// Authorization filter that lets a request through only when the current
    /// member exists and holds <see cref="SecurityRole.Admin"/>.
    /// </summary>
    /// <remarks>
    /// The check replaces the base implementation rather than extending it:
    /// <c>base.AuthorizeCore</c> is never called, so the inherited
    /// <c>Users</c> and <c>Roles</c> settings on the attribute are not consulted.
    /// The decision rests entirely on <c>LoginHelper.GetCurrentMember()</c> and
    /// <c>member.HasRole(...)</c>.
    /// NOTE(review): confirm both resolve identity and role from server-side
    /// state and not from a client-supplied value.
    /// NOTE(review): <c>HandleUnauthorizedRequest</c> is not overridden here, so
    /// "not logged in" and "logged in but not admin" get the same default
    /// unauthorized result; only the alert text differs.
    /// </remarks>
    public class AdminActionAttribute : AuthorizeAttribute
    {
        /// <summary>
        /// Decides whether the current member may run an admin-only action.
        /// </summary>
        /// <param name="contextBase">
        /// The HTTP context supplied by the framework. It is not read here; the
        /// member is obtained through <c>LoginHelper.GetCurrentMember()</c>.
        /// </param>
        /// <returns>
        /// <c>true</c> when a member is present and has the Admin role;
        /// otherwise <c>false</c>, after the matching alert has been raised.
        /// </returns>
        protected override bool AuthorizeCore(HttpContextBase contextBase)
        {
            // Deny by default; access is granted only on the final branch.
            bool granted = false;
            var currentMember = LoginHelper.GetCurrentMember();

            if (currentMember == null)
            {
                // No member for this request: ask the visitor to log in.
                MessageHelper.Alert(MessageHelper.DefaultStrings.NeedLogin);
            }
            else if (!currentMember.HasRole(SecurityRole.Admin))
            {
                // A member is present but lacks the Admin role.
                MessageHelper.Alert(MessageHelper.DefaultStrings.NeedAdmin);
            }
            else
            {
                granted = true;
            }

            return granted;
        }

    }
}
